REMARKS 



In the Official Action mailed on 12 December 2007, the Examiner 
reviewed claims 1, 3-5, 7, 8, 10-12, 14, 15, 17-19, and 21. Examiner rejected 
claims 1, 3-5, 7-8, 10-12, 14-15, 17-19, and 21 under 35 U.S.C. § 102(e) based on 
Chaudhuri et al. (USPN 7,194,451, hereinafter "Chaudhuri"). 

In a phone conversation on 28 February 2008, Examiner and Applicant 
discussed the distinctions between Chaudhuri and claim 1 of the instant 
application. Examiner suggested clarifying that claim 1 is directed to the 
detection of SQL injection. 

Applicant wishes to point out the following distinctions between the 
present invention and Chaudhuri: 

(1) The query signature in the present invention comprises SQL keywords 
without SQL literals (see [0038-0039] of the instant application) and is extracted 
from the query itself. In contrast, the signature in Chaudhuri is an integer 
assigned to a query (see FIG. 4, col. 7, line 61 - col. 8, line 2, and col. 4, line 62 - 
col. 5, line 5 of Chaudhuri). Although Chaudhuri mentions matching query text 
in col. 7, lines 54-60, this is simply a brute-force text-based comparison between 
two query strings and can only be used to "differentiate different parameter-less 
stored procedure." In other words, the text-based comparison mentioned in 
Chaudhuri does not differentiate SQL keywords from SQL literals. In fact, in the 
same section, Chaudhuri claims that such text comparison "is undesirable due to 
its sensitivity to formatting and its inability to identify different instances of the 
same query with different parameters" and advocates using numbers as 
signatures. 

(2) Chaudhuri discloses a system for monitoring database performance. 
Particularly, Chaudhuri discloses grouping queries with the same signatures in an 
aggregation table for performance comparisons (see col. 5, lines 3-5 and abstract 
of Chaudhuri). In contrast, the present invention uses query signatures to identify 
queries that have been hacked by SQL injection. When a query is SQL injected, 
the system rejects the query (see [0038-0040] of the instant application). 
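
The distinction drawn in points (1) and (2), shown as an added Python example that is not taken from the instant application or from Chaudhuri: a signature built only from SQL keywords stays the same when literals change, but changes when injected input introduces new keywords. The keyword list, the allow-list learned from one known-good query, and the sample queries are assumptions constructed for illustration.

```python
import re

# Assumption: a small keyword set for illustration, not a full SQL grammar.
SQL_KEYWORDS = {
    "SELECT", "FROM", "WHERE", "AND", "OR", "NOT", "UNION", "ALL", "INSERT",
    "INTO", "VALUES", "UPDATE", "SET", "DELETE", "DROP", "TABLE", "ORDER",
    "BY", "GROUP", "HAVING", "LIKE", "IN", "IS", "NULL", "JOIN", "ON",
}

# Literals and comments are matched first so that keywords inside them
# are consumed as part of the literal and never reach the signature.
TOKEN = re.compile(r"""
      '(?:[^']|'')*'            # string literal; a doubled quote is an escape
    | --[^\n]*                  # line comment
    | /\*.*?\*/                 # block comment
    | \d+(?:\.\d+)?             # numeric literal
    | [A-Za-z_][A-Za-z_0-9]*    # keyword or identifier
    | [^\sA-Za-z_0-9]           # operator or punctuation
""", re.X | re.S)


def signature(query):
    """Ordered tuple of the SQL keywords in `query`, with literals dropped."""
    return tuple(t.upper() for t in TOKEN.findall(query)
                 if t.upper() in SQL_KEYWORDS)


class SignatureGate:
    """Rejects queries whose keyword signature was not seen in known-good queries."""

    def __init__(self, known_good_queries):
        self.allowed = {signature(q) for q in known_good_queries}

    def check(self, query):
        return signature(query) in self.allowed


# Constructed sample: an application that builds its query by concatenation.
TEMPLATE = "SELECT id FROM users WHERE name = '{}' AND pw = '{}'"
KNOWN_GOOD = TEMPLATE.format("alice", "s3cret")
BENIGN = TEMPLATE.format("Tom OR Jerry", "x")      # OR is inside a literal
INJECTED = TEMPLATE.format("' OR 1=1 --", "x")     # OR becomes a keyword

gate = SignatureGate([KNOWN_GOOD])

if __name__ == "__main__":
    for q in (BENIGN, INJECTED):
        print("accept" if gate.check(q) else "reject", signature(q), q)
```

A plain text comparison would treat BENIGN as different from KNOWN_GOOD even though only the literals differ, while the keyword signature accepts it and still rejects INJECTED.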

Accordingly, Applicant has amended independent claims 1, 8, and 15 to 
clarify these points. These amendments find support in paragraphs [0038-0040] 
of the instant application. No new matter has been added. 
CONCLUSION 

It is submitted that the present application is presently in form for 
allowance. Such action is respectfully requested. 

Respectfully submitted, 



By /Shun Yao / 

Shun Yao 

Registration No. 59,242 
Date: 29 February 2008 

Shun Yao 

Park, Vaughan & Fleming LLP 
2820 Fifth Street 
Davis, CA 95618-7759 
Tel: (530) 759-1667 
Fax: (530) 759-1665 
Email: shun@parklegal.com 